The vulnerability is caused by an error in the TIFF Import/Export Graphic Filter (TIFFIM32.FLT) when converting the endianess of certain data. This can be exploited to corrupt memory via e.g. a specially crafted TIFF image.

Successful exploitation may allow execution of arbitrary code when processing a TIFF image in an application using the graphics filter (e.g. opening the image in Microsoft Photo Editor or importing it into an Office document).